Example 1 with FilterResult

Use of org.zaproxy.zap.extension.ascan.filters.FilterResult in project zaproxy by zaproxy.

Class HostProcess, method filterNode.

private boolean filterNode(StructuralNode node) {
    for (ScanFilter scanFilter : parentScanner.getScanFilters()) {
        try {
            FilterResult filterResult = scanFilter.isFiltered(node);
            if (filterResult.isFiltered()) {
                try {
                    HttpMessage msg = node.getHistoryReference().getHttpMessage();
                    parentScanner.notifyFilteredMessage(msg, filterResult.getReason());
                } catch (HttpMalformedHeaderException | DatabaseException e) {
                    log.warn("Error while getting httpmessage from history reference: " + e.getMessage(), e);
                }
                if (log.isDebugEnabled()) {
                    log.debug("Ignoring filtered node: " + node.getName() + " Reason: " + filterResult.getReason());
                }
                return true;
            }
        } catch (Exception ex) {
            // A filter that throws is logged and skipped; it does not mark the node as filtered.
            log.error(ex.getMessage(), ex);
        }
    }
    return false;
}
Also used: ScanFilter (org.zaproxy.zap.extension.ascan.filters.ScanFilter), HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException), FilterResult (org.zaproxy.zap.extension.ascan.filters.FilterResult), HttpMessage (org.parosproxy.paros.network.HttpMessage), DatabaseException (org.parosproxy.paros.db.DatabaseException), IOException (java.io.IOException)

Example 2 with FilterResult

Use of org.zaproxy.zap.extension.ascan.filters.FilterResult in project zaproxy by zaproxy.

Class AbstractGenericScanFilter, method isFiltered.

protected FilterResult isFiltered(Collection<V> values) {
    Objects.requireNonNull(values);
    // No filter data configured: nothing is filtered.
    if (filterData.isEmpty()) {
        return FilterResult.NOT_FILTERED;
    }
    FilterCriteria filterCriteria = this.getFilterCriteria();
    switch(filterCriteria) {
        case INCLUDE:
            // Filtered unless at least one value matches the filter data.
            if (values.stream().anyMatch(value -> matcher.test(filterData, value))) {
                return FilterResult.NOT_FILTERED;
            }
            return new FilterResult(Constant.messages.getString(INCLUDE_FILTER_CRITERIA_MESSAGE_KEY, this.getFilterType(), filterData));
        case EXCLUDE:
            // Filtered as soon as any single value matches the filter data.
            for (V value : values) {
                if (matcher.test(filterData, value)) {
                    return new FilterResult(Constant.messages.getString(EXCLUDE_FILTER_CRITERIA_MESSAGE_KEY, this.getFilterType(), "[" + value + "]"));
                }
            }
            return FilterResult.NOT_FILTERED;
        default:
            return FilterResult.NOT_FILTERED;
    }
}
Also used: FilterCriteria (org.zaproxy.zap.extension.ascan.filters.FilterCriteria), FilterResult (org.zaproxy.zap.extension.ascan.filters.FilterResult)

Example 3 with FilterResult

Use of org.zaproxy.zap.extension.ascan.filters.FilterResult in project zaproxy by zaproxy.

Class HostProcessUnitTest, method shouldNotScanFilteredNode.

@Test
void shouldNotScanFilteredNode() throws Exception {
    // Given
    ScanFilter scanFilter = mock(ScanFilter.class);
    String filteredReason = "reason";
    FilterResult filterResult = new FilterResult(filteredReason);
    given(scanFilter.isFiltered(any())).willReturn(filterResult);
    given(scanner.getScanFilters()).willReturn(asList(scanFilter));
    HttpMessage httpMessage = mock(HttpMessage.class);
    StructuralNode node = createLeafNode("GET:file", "GET", "http://localhost/file");
    given(node.getHistoryReference().getHttpMessage()).willReturn(httpMessage);
    hostProcess.setStartNode(node);
    // When
    hostProcess.run();
    // Then
    assertThat(hostProcess.getTestTotalCount(), is(equalTo(0)));
    verify(scanFilter).isFiltered(node);
    verify(scanner).notifyFilteredMessage(httpMessage, filteredReason);
}
Also used: StructuralNode (org.zaproxy.zap.model.StructuralNode), ScanFilter (org.zaproxy.zap.extension.ascan.filters.ScanFilter), FilterResult (org.zaproxy.zap.extension.ascan.filters.FilterResult), HttpMessage (org.parosproxy.paros.network.HttpMessage), Test (org.junit.jupiter.api.Test)

Example 4 with FilterResult

Use of org.zaproxy.zap.extension.ascan.filters.FilterResult in project zaproxy by zaproxy.

Class GenericFilterUtilityTest, method testIncludeCriteriaWithSameValues.

@Test
void testIncludeCriteriaWithSameValues() {
    // Given
    List<String> genericFilterData = new ArrayList<>();
    genericFilterData.add("Dummy");
    abstractGenericScanFilter.setFilterData(genericFilterData);
    Set<String> values = new HashSet<>();
    values.add("Dummy");
    // When
    FilterResult filterResult = abstractGenericScanFilter.isFiltered(values);
    // Then
    assertThat(filterResult.isFiltered(), is(false));
}
Also used: ArrayList (java.util.ArrayList), FilterResult (org.zaproxy.zap.extension.ascan.filters.FilterResult), HashSet (java.util.HashSet), Test (org.junit.jupiter.api.Test), WithConfigsTest (org.zaproxy.zap.WithConfigsTest)

Example 5 with FilterResult

Use of org.zaproxy.zap.extension.ascan.filters.FilterResult in project zaproxy by zaproxy.

Class GenericFilterUtilityTest, method testShouldFailWhenExcludeCriteriaWithMoreValues.

@Test
void testShouldFailWhenExcludeCriteriaWithMoreValues() {
    // Given
    List<String> genericFilterData = new ArrayList<>();
    genericFilterData.add("Dummy");
    abstractGenericScanFilter.setFilterData(genericFilterData);
    abstractGenericScanFilter.setFilterCriteria(FilterCriteria.EXCLUDE);
    Set<String> values = new HashSet<>();
    values.add("Dummy");
    values.add("Dummy1");
    // When
    FilterResult filterResult = abstractGenericScanFilter.isFiltered(values);
    // Then
    assertThat(filterResult.isFiltered(), is(true));
}
Also used: ArrayList (java.util.ArrayList), FilterResult (org.zaproxy.zap.extension.ascan.filters.FilterResult), HashSet (java.util.HashSet), Test (org.junit.jupiter.api.Test), WithConfigsTest (org.zaproxy.zap.WithConfigsTest)

Aggregations

FilterResult (org.zaproxy.zap.extension.ascan.filters.FilterResult): 13
Test (org.junit.jupiter.api.Test): 11
ArrayList (java.util.ArrayList): 10
HashSet (java.util.HashSet): 10
WithConfigsTest (org.zaproxy.zap.WithConfigsTest): 10
HttpMessage (org.parosproxy.paros.network.HttpMessage): 2
ScanFilter (org.zaproxy.zap.extension.ascan.filters.ScanFilter): 2
IOException (java.io.IOException): 1
DatabaseException (org.parosproxy.paros.db.DatabaseException): 1
HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException): 1
FilterCriteria (org.zaproxy.zap.extension.ascan.filters.FilterCriteria): 1
StructuralNode (org.zaproxy.zap.model.StructuralNode): 1